Many times, after we install a web service application (such as tomcat, apache, etc.) on a liunx system, we need to allow other computers to access the application, but the firewall of the linux system (centos, redhat, etc.) only opens port 22 to the outside by default. The port settings of the Linux system are configured in the /etc/sysconfig/iptables file. Open the file using an editor. The content is as follows: # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT The following code is said on the Internet -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3001 -j ACCEPT I tested the above code in CentOS6.5 and it didn't work. If we need to open port 80 to the outside world, add the following code to the above file -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT Also note that this code needs to be added to -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT After that, otherwise the port cannot be opened either. The final configuration is as follows: # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT Editing the above file requires su permission. After saving the above file, run the following command in the terminal: Update the firewall configuration service iptables restart The following command can see the open ports /sbin/iptables -L -n The following command can turn off/on the firewall (requires restarting the system) Enable: chkconfig iptables on To turn off: chkconfig iptables off The following code can start and stop the firewall (effective immediately and invalid after restart) Start: service iptables start Shutdown: service iptables stop The above is the editor's introduction to the Linux system opening 3306, 8080 and other ports to the outside world, and the detailed integration of firewall settings. I hope it will be helpful to everyone. If you have any questions, please leave me a message and the editor will reply to you in time. I would also like to thank everyone for their support of the 123WORDPRESS.COM website! You may also be interested in:
|
<<: Using keras to judge SQL injection attacks (example explanation)
>>: How to make your browser talk with JavaScript
This article introduces in detail some of the tech...
MariaDB is installed by default in CentOS, which ...
Table of contents Get the content of the iframe o...
The inline-block property value becomes very usef...
1. Download MySQL 1. Log in to the official websi...
1. Front-end-led implementation steps The first s...
The main text starts below. 123WORDPRESS.COM Down...
The method found on the Internet works The footer ...
Table of contents 1. Data Source 2. Overall ranki...
I recently discovered a pitfall in regular expres...
Table of contents Introduction Example: Event del...
Project requirements: When you click a product tr...
This is to commemorate the 4 pitfalls I stepped o...
Let me briefly explain the functional scenario: T...
Table of contents Scope Global Scope Function Sco...